如何去混淆 Lua 脚本? [英] How do I de-obfuscate a Lua script?
问题描述
我怀疑有些 Lua 代码被混淆了.我该如何去混淆它?
I have some Lua code that I suspect is obfuscated. How do I go about de-obfuscating it?
我认为代码被混淆了,因为它看起来与普通的 Lua 代码非常不同,但我知道它是有效的 Lua 代码,因为 Lua 解释器仍然会编译和运行代码.
I believe the code is obfuscated because it looks very different from normal Lua code, but I know it is valid Lua code because the Lua interpreter will still compile and run the code.
我有合法的兴趣去混淆代码,并且不打算违背作者的意愿分发它或修改它以规避任何 DRM 机制.
I have a legitimate interest in de-obfuscating the code and do not intend to distribute it against the authors will or modify it to circumvent any DRM-mechanism.
推荐答案
混淆Lua源代码一般有两种方式:
There are generally two ways to obfuscate Lua source code:
直接混淆代码,主要是通过重命名变量、引入牵引和重组代码以使其更难遵循
Obfuscate the code directly, mostly by renaming variables, introducing istraction and restructuring code to be harder to follow
对源代码进行编码并将其作为字符串嵌入到 Lua 文件中,该文件只解码、加载和运行编码的 real 程序.
Encode the source code and embed it as a string in a Lua file that only decodes, loads and runs the encoded real program.
实际上,经常使用两者的组合:程序被混淆,然后编码并包装在一个字符串中.最后,加载和运行字符串的代码经常被再次混淆.
In reality, a combination of both is often used: Programs are obfuscated, then encoded and wrapped in a string. Finally, the code that loads and runs the string is often obfuscated again.
用于使 Lua 代码更难遵循的典型机制包括:
Typical mechanisms used for making Lua code harder to follow include:
- 重命名
string.gsub、table.concat等标准函数 - 将变量重命名为无意义
- 用括号表示法替换表索引的点和冒号表示法
- 对文字字符串使用十六进制表示法(通常与 3 结合使用.)
一般来说,手动去混淆这些代码的步骤通常非常相似:重新格式化代码以更容易遵循控制流,然后弄清楚每个变量代表什么并重命名它们.为此,通常需要对语言有很好的理解,因为人们需要了解混淆所利用的所有规则,使代码更难理解.需要注意的一些此类规则:
Generally speaking, the steps to de-obfuscate such code by hand are often very similar: reformatting the code to make is easier to follow the control-flow, then figuring out what each variable represents and renaming them. For this it is often necessary to have a good understanding of the Language, as one needs to be aware of all the rules that the obfuscation takes advantage of to make the code harder to understand. A few such rules to be aware of:
- 局部变量遮蔽:两个不同的变量在不同的范围内(甚至在同一范围内)可以有相同的名称.
- 句法糖,例如点符号和冒号符号
- 函数环境和
getfenv和setfenv - 元表,并且所有字符串共享一个元表,其中
__index设置为string - 空格在 Lua 中通常是无关紧要的,在某些情况下只需要分隔语句,也可以使用
;来完成.
- Local variable shadowing: two different variables can have the same name in different scopes (or even in the same scope).
- Syntactic sugar such as dot- and colon-notation
- Function environments and
getfenvandsetfenv - Metatables and that all Strings share one metatable with
__indexset tostring - Whitespace is often insignificant in Lua and only necessary to separate statements in some cases, which can also be done with
;.
有关去混淆特定 Lua 代码片段的详细帮助,您可以在以下其他在线社区中询问:
For more in-detail help with de-obfuscating a specific snippet of Lua code, you could ask in the following other online communities:
但请记住:不要问,只要问
But remember: Don't ask to ask, just ask
请注意,这些不是官方社区.有关更多选项,请参阅 Lua 官方网站上的 社区 页面.
Note that these are not official communities. For more options, see the Community page on the official Lua website.
这篇关于如何去混淆 Lua 脚本?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
